From 5158e2c0f4f93a3b1a9dbce39a8b011732a71141 Mon Sep 17 00:00:00 2001
From: "Jason A. Donenfeld" <Jason@zx2c4.com>
Date: Sat, 5 Jun 2021 23:02:14 +0200
Subject: global: destroy rwlocks and mtxs

Before, most uses of rwlock and mtx never called the destroy method,
which might cause problems for witness.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
---
 src/if_wg.c           |  6 +++++-
 src/selftest/cookie.c |  2 ++
 src/wg_cookie.c       | 16 ++++++++++++++++
 src/wg_cookie.h       |  2 ++
 src/wg_noise.c        |  6 ++++++
 5 files changed, 31 insertions(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/if_wg.c b/src/if_wg.c
index a6e19d6..73248a6 100644
--- a/src/if_wg.c
+++ b/src/if_wg.c
@@ -234,7 +234,6 @@ struct wg_peer {
 };
 
 struct wg_socket {
-	struct mtx	 so_mtx;
 	struct socket	*so_so4;
 	struct socket	*so_so6;
 	uint32_t	 so_user_cookie;
@@ -483,6 +482,9 @@ wg_peer_free_deferred(struct noise_remote *r)
 	counter_u64_free(peer->p_tx_bytes);
 	counter_u64_free(peer->p_rx_bytes);
 	rw_destroy(&peer->p_endpoint_lock);
+	mtx_destroy(&peer->p_handshake_mtx);
+
+	cookie_maker_free(&peer->p_cookie);
 
 	free(peer, M_WG);
 }
@@ -2891,6 +2893,8 @@ wg_clone_destroy(struct ifnet *ifp)
 	rn_detachhead((void **)&sc->sc_aip4);
 	rn_detachhead((void **)&sc->sc_aip6);
 
+	cookie_checker_free(&sc->sc_cookie);
+
 	if (cred != NULL)
 		crfree(cred);
 	if_detach(sc->sc_ifp);
diff --git a/src/selftest/cookie.c b/src/selftest/cookie.c
index 4076e4c..ab0de60 100644
--- a/src/selftest/cookie.c
+++ b/src/selftest/cookie.c
@@ -292,6 +292,8 @@ cookie_mac_test(void)
 	T_PASSED;
 	ret = true;
 cleanup:
+	cookie_checker_free(&checker);
+	cookie_maker_free(&maker);
 	return ret;
 }
 
diff --git a/src/wg_cookie.c b/src/wg_cookie.c
index 6b90e3a..34d0328 100644
--- a/src/wg_cookie.c
+++ b/src/wg_cookie.c
@@ -110,6 +110,14 @@ cookie_checker_init(struct cookie_checker *cc)
 	rw_init(&cc->cc_secret_lock, "cookie_checker_secret");
 }
 
+void
+cookie_checker_free(struct cookie_checker *cc)
+{
+	rw_destroy(&cc->cc_key_lock);
+	rw_destroy(&cc->cc_secret_lock);
+	explicit_bzero(cc, sizeof(*cc));
+}
+
 void
 cookie_checker_update(struct cookie_checker *cc,
     const uint8_t key[COOKIE_INPUT_SIZE])
@@ -152,6 +160,13 @@ cookie_maker_init(struct cookie_maker *cm, const uint8_t key[COOKIE_INPUT_SIZE])
 	rw_init(&cm->cm_lock, "cookie_maker");
 }
 
+void
+cookie_maker_free(struct cookie_maker *cm)
+{
+	rw_destroy(&cm->cm_lock);
+	explicit_bzero(cm, sizeof(*cm));
+}
+
 int
 cookie_maker_consume_payload(struct cookie_maker *cm,
     uint8_t nonce[COOKIE_NONCE_SIZE], uint8_t ecookie[COOKIE_ENCRYPTED_SIZE])
@@ -340,6 +355,7 @@ ratelimit_deinit(struct ratelimit *rl)
 	callout_stop(&rl->rl_gc);
 	ratelimit_gc(rl, true);
 	rw_wunlock(&rl->rl_lock);
+	rw_destroy(&rl->rl_lock);
 }
 
 static void
diff --git a/src/wg_cookie.h b/src/wg_cookie.h
index 8e59c32..e971fa2 100644
--- a/src/wg_cookie.h
+++ b/src/wg_cookie.h
@@ -53,12 +53,14 @@ struct cookie_checker {
 int	cookie_init(void);
 void	cookie_deinit(void);
 void	cookie_checker_init(struct cookie_checker *);
+void	cookie_checker_free(struct cookie_checker *);
 void	cookie_checker_update(struct cookie_checker *,
 	    const uint8_t[COOKIE_INPUT_SIZE]);
 void	cookie_checker_create_payload(struct cookie_checker *,
 	    struct cookie_macs *cm, uint8_t[COOKIE_NONCE_SIZE],
 	    uint8_t [COOKIE_ENCRYPTED_SIZE], struct sockaddr *);
 void	cookie_maker_init(struct cookie_maker *, const uint8_t[COOKIE_INPUT_SIZE]);
+void	cookie_maker_free(struct cookie_maker *);
 int	cookie_maker_consume_payload(struct cookie_maker *,
 	    uint8_t[COOKIE_NONCE_SIZE], uint8_t[COOKIE_ENCRYPTED_SIZE]);
 void	cookie_maker_mac(struct cookie_maker *, struct cookie_macs *,
diff --git a/src/wg_noise.c b/src/wg_noise.c
index 41f7f50..35784be 100644
--- a/src/wg_noise.c
+++ b/src/wg_noise.c
@@ -220,6 +220,9 @@ noise_local_put(struct noise_local *l)
 	if (refcount_release(&l->l_refcnt)) {
 		if (l->l_cleanup != NULL)
 			l->l_cleanup(l);
+		rw_destroy(&l->l_identity_lock);
+		rw_destroy(&l->l_remote_lock);
+		rw_destroy(&l->l_index_lock);
 		explicit_bzero(l, sizeof(*l));
 		free(l, M_NOISE);
 	}
@@ -468,6 +471,8 @@ noise_remote_smr_free(struct epoch_context *smr)
 	if (r->r_cleanup != NULL)
 		r->r_cleanup(r);
 	noise_local_put(r->r_local);
+	rw_destroy(&r->r_handshake_lock);
+	rw_destroy(&r->r_keypair_lock);
 	explicit_bzero(r, sizeof(*r));
 	free(r, M_NOISE);
 }
@@ -749,6 +754,7 @@ noise_keypair_smr_free(struct epoch_context *smr)
 	struct noise_keypair *kp;
 	kp = __containerof(smr, struct noise_keypair, kp_smr);
 	noise_remote_put(kp->kp_remote);
+	rw_destroy(&kp->kp_nonce_lock);
 	explicit_bzero(kp, sizeof(*kp));
 	free(kp, M_NOISE);
 }
-- 
cgit v1.2.3-59-g8ed1b